/usr/lib/perl5/Linux/Prctl/CapabilityBoundingSet.pm is in liblinux-prctl-perl 1.5.0-1build1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 | package Linux::Prctl::CapabilityBoundingSet;
use Linux::Prctl;
use strict;
use warnings;
use Tie::Hash;
use Carp qw(croak);
use vars qw(@ISA);
@ISA = qw(Tie::StdHash);
sub TIEHASH {
my ($class) = @_;
my $self = {};
return bless($self, $class);
}
sub cap {
my ($self, $cap) = @_;
croak("Unknown capability: $cap") unless grep { $_ eq 'CAP_' . uc($cap) } @Linux::Prctl::EXPORT_OK;
my ($error, $val) = Linux::Prctl::constant('CAP_' . uc($cap));
if ($error) { croak $error; }
return $val
}
# Use ->can as the function may not be defined
sub capbset_drop {
shift;
return Linux::Prctl->can('capbset_drop')->(@_);
}
sub capbset_read {
shift;
return Linux::Prctl->can('capbset_read')->(@_);
}
sub STORE {
my ($self, $key, $value) = @_;
$key = $self->cap($key);
croak("Can only drop capabilities from the bounding set, not add them") if $value;
$self->capbset_drop($key);
}
sub FETCH {
my ($self, $key) = @_;
$key = $self->cap($key);
return $self->capbset_read($key) ? 1 : 0;
}
1;
|